NTP Attack Vector

Are you a network administrator who routinely has to set the time on a server or have one of your servers be the time keeper for your network? This protocol is called the NTP (Network Time Protocol) and we all just set it and forget it. Have you ever updated your NTP service? Wait, let me say that again, have you ever updated the NTP service on your NTP host box (or even host group)? Most likely the answer is no, unless you’re some high end military or DoD grade facility. Well, the hackers know that too, and over the past few months a very rarely used (or in this cased abused) hack has been unleashed to help with DrDos (Distributed Reflection Denial of Service) attacks. Now some will say “Dave the IT Guy, are you making stuff up to sound smart?” to which I say “Nope”. You can read more in the white papers created by Prolexic about this not so cool (not new, but new to the NTP attack vector) new attack vector. You’ll want to read all of the following information, consider your network, and then get to hardening your systems. Hopefully you won’t be out of time before doing it (sorry about the pun).